search

jamessan / vim-gnupg

This script implements transparent editing of gpg encrypted files.
http://www.vim.org/scripts/script.php?script_id=3645
729 stars 73 forks source link

Sign when writing files that were signed and verify signed files when opening #34

Open rhz opened 9 years ago

rhz commented 9 years ago

Hi James,

By reading the source I got the impression that when writing files are only signed if the variable g:GPGPreferSign is set to 1, regardless of whether the file was signed to begin with. Assuming my interpretation of the code is right (I don't know any vimscript), I was wondering if the plugin should check if the encrypted file is signed while decrypting it and let b:GPGOptions += ["sign"] accordingly. gpg --decrypt tells you if the signature could be verified in the last 2 lines written to stderr:

gpg: Signature made ... using ... key ID ...
gpg: Good signature from ...

Using this same information signed files can be verified when opening them :)

Files that aren't signed just don't write those last 2 lines to stderr.

Cheers, Ricardo

jdelisle commented 9 years ago

Hi @jamessan,

I have noticed as well that signed GPG files lose their signature when modified with the plugin. Like @rhz suggested, I believe signed files should remain signed after being edited.

Awesome plugin by the way! :)